Authorization refers to the process of granting a user access to resources or permissions to perform certain actions. BMC Server Automation supports authorization using a role-based access control (RBAC) model and a set of very granular access control lists (ACLs).
Every system object that you manage with the BMC Server Automation Console has ACLs defined for it, and those ACLs can grant a range of authorizations to users. You can also define authorizations for Network Shell users if they are configured to communicate through a Network Shell proxy server. (Network Shell users communicating directly with agents do not assume any particular role.)
For example, the BMC Server Automation Console can enable users with an expert role to create component templates and other users with a junior admin role to check for compliance with these templates. Or, a Network Shell user with a junior admin role can be permitted to perform read-only Network Shell commands such as
ps on certain directories within a group of servers, but that same junior administrator cannot make any changes on those servers.
For more information about RBAC and authorization in BMC Server Automation, see the Managing access.